1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_INSTALLER_UTIL_ADVANCED_FIREWALL_MANAGER_WIN_H_
6 #define CHROME_INSTALLER_UTIL_ADVANCED_FIREWALL_MANAGER_WIN_H_
7 
8 #include <windows.h>
9 #include <netfw.h>
10 #include <vector>
11 
12 #include "base/files/file_path.h"
13 #include "base/strings/string16.h"
14 #include "base/win/scoped_comptr.h"
15 
16 namespace installer {
17 
// Manages Windows Firewall rules for a single application using the
// Advanced Security Windows API (the INetFwPolicy2 / INetFwRules COM
// interfaces held below). The API is available on Windows Vista and later.
// Most methods need elevation.
//
// NOTE(review): presumably Init() must succeed before any other method is
// called, since the COM members have no other visible setup path - confirm in
// the .cc file.
class AdvancedFirewallManager {
 public:
  AdvancedFirewallManager();
  ~AdvancedFirewallManager();

  // Initializes the object to manage firewall rules for the application with
  // name |app_name| and executable path |app_path|.
  // NOTE(review): the bool result presumably reports whether the firewall COM
  // objects could be obtained; callers should check it - confirm in the .cc.
  bool Init(const base::string16& app_name, const base::FilePath& app_path);

  // Returns true if firewall is enabled.
  // NOTE(review): which firewall profile(s) this checks is not visible in
  // this header - confirm in the .cc before relying on it for a security
  // decision.
  bool IsFirewallEnabled();

  // Returns true if there is any rule for the application.
  bool HasAnyRule();

  // Adds a firewall rule allowing inbound connections to the application on UDP
  // port |port|. Replaces the rule if it already exists. Needs elevation.
  //
  // |rule_name| and |description| are the name and description given to the
  // rule. An inbound allow rule widens what the network can reach on this
  // host, so pass only a port the application actually listens on and remove
  // the rule again (DeleteRuleByName / DeleteAllRules) when it is no longer
  // needed.
  // NOTE(review): the profiles and remote addresses the rule applies to are
  // chosen by the implementation and cannot be narrowed through this
  // interface - review CreateUDPRule() in the .cc.
  // NOTE(review): uint16_t is used here but no <stdint.h>/<cstdint> include is
  // visible above; presumably it arrives transitively - confirm.
  bool AddUDPRule(const base::string16& rule_name,
                  const base::string16& description,
                  uint16_t port);

  // Deletes all rules with specified name. Needs elevation.
  // Returns nothing, so a caller cannot tell from this interface whether the
  // deletion succeeded.
  // NOTE(review): firewall rule names are not guaranteed to be unique across
  // applications; whether deletion is restricted to rules for this app's path
  // is not visible here - confirm in the .cc.
  void DeleteRuleByName(const base::string16& rule_name);

  // Deletes all rules for current app. Needs elevation.
  // Returns nothing, so failures are not reported to the caller.
  void DeleteAllRules();

 private:
  // Gives the unit test access to the private helpers below.
  friend class AdvancedFirewallManagerTest;

  // Creates a firewall rule allowing inbound connections to UDP port |port|.
  // Returns the rule as a COM pointer.
  // NOTE(review): presumably the result is null on failure and the rule is
  // not yet registered with the firewall at this point - confirm in the .cc.
  base::win::ScopedComPtr<INetFwRule> CreateUDPRule(
      const base::string16& rule_name,
      const base::string16& description,
      uint16_t port);

  // Returns the list of rules applying to the application through the
  // out-parameter |rules|.
  // NOTE(review): how a rule is matched to the application (presumably by
  // |app_path_|) and whether |rules| is cleared first are not visible here.
  void GetAllRules(std::vector<base::win::ScopedComPtr<INetFwRule> >* rules);

  // Deletes the single rule |rule|. Needs elevation.
  void DeleteRule(base::win::ScopedComPtr<INetFwRule> rule);

  // Application name and executable path passed to Init().
  base::string16 app_name_;
  base::FilePath app_path_;
  // COM interfaces to the firewall policy and its rule collection.
  // NOTE(review): presumably acquired in Init() - confirm.
  base::win::ScopedComPtr<INetFwPolicy2> firewall_policy_;
  base::win::ScopedComPtr<INetFwRules> firewall_rules_;

  DISALLOW_COPY_AND_ASSIGN(AdvancedFirewallManager);
};
69 
70 }  // namespace installer
71 
72 #endif  // CHROME_INSTALLER_UTIL_ADVANCED_FIREWALL_MANAGER_WIN_H_
73